etcdhclient.conf


/etc/dhclient.conf

OpenBSD includes the Internet Software Consortium's DHCP client, which allows you to fine-tune how you accept DHCP offers. In most cases you will not need to do this, but when it's necessary it's extremely helpful. For average use, /etc/dhclient.conf can be empty.

Entries in /etc/dhclient.conf resemble C code and generally include a variable declaration followed by a value. Each line ends in a semicolon.

Prolonging Lease Requests

DHCP clients can have trouble when the network suffers from lag, and requests for configuration information time out before a valid offer makes it way back. Frequently, just rebooting and trying again suffices to get an answer back from the DHCP server — that's what they do in Windows support, after all — but you can do a little better. The dhclient(8) program can configure the amount of time it spends on each part of the process.

When dhclient(8) starts, it requests the last IP address it used (leased) and, by default, spends ten seconds trying to get that address. The reboot time is the number of seconds the client will spend trying to get the old address reissued. To change this waiting time, use the "reboot" statement.

 reboot 20; 

If the client cannot get its previous address in the reboot time, it will request a new one instead.

Rejecting Bad DHCP Servers

One of dhclient(8)'s more interesting features is its ability to reject bad DHCP servers. For example, some networks allow just about anyone to hook just about anything to them. If you've ever gone to a security conference, you've probably seen someone throw up a rogue DHCP server as a prank. If your system receives a lease from one of these servers, your connection may not work or you may be funneling all of your traffic through a packet sniffer. Nifty, no?

Ideally, you can just ask the network administrator for the correct IP address of the DHCP server. If you can't get that information, examine the leases you have received in /var/db/dhclient.leases. This file lists all the leases your system has ever received, including the bad one. Identifying a bad DHCP server is a matter of trial and error. Get the IP address of each DHCP server and then reject each server one at a time until you get a working configuration. To reject a DHCP server and refuse any further offers from it, list its IP with the "reject" keyword.

 reject 192.168.1.84; 

If you find a rogue DHCP server on your network, rather than patching around it with reject statements you should identify the rogue server, disable it, and deal with the person running it appropriately. (Despite any inclinations to the contrary, "appropriately" in this case does not involve chainsaws.) On foreign networks, you don't generally have the privilege to do that.

Announcing Host Information

If you are on someone else's network and feel friendly toward the local network administrator, add a "send" statement to your dhclient.conf. The DHCP server will record the information you put in your "send" statement in its lease database. The local network administrator can use this information to find you if your system starts misbehaving. You might not think this is a good thing, but making yourself easy to find is much better than making the administrator hunt you down.

 send host-name "mwlucas-laptop.bigcompany.com" 

Of the many other options in dhclient.conf, most are relatively useless under normal circumstances. You can, for example, refuse lease offers that don't include information you want — but if you refuse the lease, you won't get on the network at all. For detailed information on these options, see dhclient.conf(5).




Absolute Openbsd(c) Unix for the Practical Paranoid
Absolute OpenBSD: Unix for the Practical Paranoid
ISBN: 1886411999
EAN: 2147483647
Year: 2005
Pages: 298

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net